16 Nov 2016

Watch a drone hack a room full of smart lightbulbs from outside the window

“Researchers from the Weizmann Institute of Science and Dalhousie University were able to execute the chain-reaction attack by exploiting a vulnerability in the ZigBee wireless communications protocol, a widely used home automation protocol found at the core of millions of today’s most popular smart home devices — Philips Hue lighting

Read More
16 Nov 2016

Is critical infrastructure the next DDoS target?

“If millions of IoT thermostats in homes and smart grid devices in commercial buildings are compromised and ask for maximum AC on a day in which there is excess demand in the grid, what would the impact be?” Source: Is critical infrastructure the next DDoS target? | CSO Online

Read More
16 Nov 2016

Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say

“For about $50, you can get a smartphone with a high-definition display, fast data service and, according to security contractors, a secret feature: a backdoor that sends all your text messages to China every 72 hours.” Source: Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say

Read More
16 Nov 2016

China’s Xi urges cooperation among nations in governance of global internet

“Chinese President Xi Jinping on Wednesday called for greater cooperation among nations in developing and governing the internet, while reiterating the need to respect so-called ‘cyber sovereignty’.” Source: China’s Xi urges cooperation among nations in governance of global internet | Reuters

Read More
16 Nov 2016

DHS Releases ‘Strategic Principles’ for Securing Internet of Things

“A set of ‘Strategic Principles for Securing the Internet of Things (IoT), Version 1.0’ was issued yesterday by the Department of Homeland Security (DHS), which said, ‘These principles highlight approaches and suggested practices to fortify the security of the IoT and will equip stakeholders to make responsible and risk-based security

Read More
15 Nov 2016

This ransomware uses your social media profiles to personalise its demands

“A newly discovered form of ransomware scrapes the social media accounts and local files of victims in order to tailor a customised demand, and threatens court action if it isn’t paid. Dubbed ‘Ransoc’ by cybersecurity researchers at Proofpoint due to its connection with social media including Facebook, LinkedIn, and Skype,

Read More
15 Nov 2016

Cyber Fatigue: New NIST Study Reveals Consumers Feel Overwhelmed by Security Messages, Compliance

“According to a new study by National Institute of Standards and Technology (NIST), ‘security fatigue’ is emerging as a widespread threat to effective cybersecurity programs. The report’s authors write, ‘Users are tired of being overwhelmed by the need to be constantly on alert, tired of all the measures they are

Read More
14 Nov 2016

Michigan Utility Paid $25,000 Ransom After Cyberattack

“Officials say the Lansing Board of Water & Light in Michigan has paid a $25,000 ransom to unlock its internal communications systems after they were disabled in the spring by a cyberattack. General manager Dick Peffley told the Lansing State Journal it cost about $2.4 million to respond to the

Read More
14 Nov 2016

Hackers Go Post-Election Phishing, Turn Off Heat in Finland and Steal Cash From UK Bank

“The Dukes, a group also known as Cozy Bear or APT29, sent series of emails Wednesday after the election, including messages made to look like a Harvard professor forwarding information from the Clinton Foundation. The group sent the emails to many people working in national security, defense, international affairs, public

Read More
14 Nov 2016

Report: FBI Can Unlock Most Devices

“Locked devices might not be as big a problem for the FBI as it may have seemed after its high-profile fight with Apple over unlocking the iPhone used by the San Bernardino shooter. That phone was unlocked by ‘an outside party’ for the FBI, but the bureau can often access

Read More